Kevin Ian Schmidt

7 Security Policies You Need

security policiesWritten security policies are essential to a secure organization. Everyone in a company needs to understand the importance of the role they play in maintaining security. One way to accomplish this – to create a “security culture” – is to publish reasonable security policies. These security policies are documents that everyone in the organization should read and sign when they come on board. In the case of existing employees, the policies should be distributed, explained and – after adequate time for questions and discussions – signed.

This article will introduce you to seven security policies that every organization should consider adopting. The specific policies that you implement, as well as the amount of detail they contain, will change as a company grows. Certainly, an organization with two employees has different security concerns than an organization of thousands. This list addresses both physical and information security issues, and is meant to provide a starting point for assessing your particular security needs, when establishing your security policy.

7 Security Polices Every Company Needs

Internet Usage

Below are some guidelines that a business should be thinking of using when they are looking to set up any kinds of policies in relation to the use of the internet during business hours.

General Internet  Usage:

  • Internet usage is intended for job-related activities. Occasional brief personal use is allowed within reasonable limits
  • The Company reserves the right to monitor internet traffic and retrieve any data that is composed, transmitted, or received and, as such, is subject to disclosure to law enforcement or other third parties
  • Team members cannot pirate software, or download/copy software without authorization
  • Team members should always ensure that the business information contained in internet email messages and transmissions is accurate, appropriate, ethical, and lawful

However if you are a company that is allowing all their employees to have access to the internet then rules and regulations must be in place that will restrict the amount of time that they use it for their own personal use. So therefore when writing up any kind of company internet usage policy document it should clearly shown within it when employees are entitled to use the internet for personal searches and when for company work. To ensure that your employees are sticking to the guidelines provided then a good quality tracking software program should be installed. This will then help you to track when and what your employees are using the internet for. However again employees must be made aware that their use of the internet is being tracked.

 Check Out: Physical Security Program – know the process


What kind of subjects should you cover in the email section of your security policies? Here is a list of ten points to include:

  • Email risks: The policy should list email risks to make users aware of the potential harmful effects of their actions. Advise users that sending an email is like sending a postcard: if you don’t want it posted on a bulletin board, then don’t send it.
  • Best practices: This should include email etiquette and writing rules in order to uphold the good reputation of the company and to deliver quality customer service. For instance, include 6 etiquette rules:
    • Do not write emails in capitals,
    • Enable spell checking,
    • Read the email before you send it,
    • Include a signature that conforms to company format,
    • Use proper grammar and punctuation,
    • Include instructions on compressing attachments to save bandwidth.
  • Personal usage: The policy should state whether personal emails are accepted and if so, to what extent. You can for instance set limits on the times of day that personal emails can be sent (only during breaks), or you could require personal emails to be saved in a separate folder. In addition, state that employees are prohibited from sending or receiving certain email attachments, such as exe, mp3 or vbs files. You could also include a maximum file size for attachments sent via email.
  • Wastage of resources: Warn users that they are making use of the company’s email system and that they should not engage in non-business activities that unnecessarily tie up network traffic. The policy must also cover the use of newsletters & newsgroups. For instance you can state that employees may only subscribe to a newsletter or newsgroup if this directly relates to their job.
  • Prohibited content: The policy should expressly state that the email system is not to be used for the creation or distribution of any offensive, or disruptive messages, including messages containing offensive comments about race, gender, age, sexual orientation, pornography, religious or political beliefs, national origin or disability. State that employees who receive any emails with this content should report the matter to their supervisor immediately. Moreover, employees should not use email to discuss competitors, potential acquisitions or mergers or to give their opinion about another firm. Unlawful messages, such as copyright infringing emails should also be prohibited.
  • Document retention policy: Include information on whether or not email will be archived and for how long. If your organization is required to archive email messages, state that all emails will be archived and include the number of years that the records will be kept. If you are not required to archive your emails, notify your users about whether they can or should delete emails after a number of months or years.
  • Treatment of confidential data: Include rules and guidelines on how employees should deal with your company’s confidential information and trade secrets. They should also be aware that they should not forward any confidential messages or attachments from other companies without permission. Make employees encrypt any confidential information that is sent via email and change passwords regularly.
  • Email disclaimer: If you are adding a disclaimer to employees’ emails, you should inform them of this and state the disclaimer text that is added.
  • Email monitoring: If you are going to monitor your employees’ emails, you must state this in your email policy. Warn that employees should have no expectation of privacy in anything they create, store, send or receive on the company’s computer system and that the company may, but is not obliged to monitor messages without prior notice. If you do not mention that the company is not obliged to monitor messages, an employee could potentially sue the company for failing to block a particular message.
  • Measures & violation reporting: Warn that if an employee is found to be in breach of the email policy rules, this could result in disciplinary action, up to and including termination. If an employee witnesses email policy abuse they are required to report the incident immediately. Include contact details of who to contact if a violation of the policy rules is detected. This could be a supervisor but it might also be a good idea to appoint a specific contact person to report email policy breaches to.


Social Networking

While you might not have a large staff now, it is a good idea to put an online networking policy into your security policies as soon as possible. Make sure that everyone is aware of the social networking policy when they are first hired. Here are some things to consider when you are coming up with the social media policy for your company.

Social Media Presence:

  • Remember to act respectfully at all times when interacting on social media platforms
  • Confidential company information should be kept off social media
  • Team members should follow company guidelines for how to talk about products (or services) to keep with brand image
  • Should team members see negative content regarding the company on social media, they are to follow the set engagement procedures in order to react properly
  • Be sure to create a secure password and avoid default privacy and security settings for personal social media pages
  • What your employees are allowed to say about the company.
    • I am not suggesting that you totally censor your employees. However, you do have a certain public image to uphold. You have to decide early on what you are going to allow your employees to say about the company on social networking sites. This is definitely something that needs to be outlined in the handbook you create about your company’s social media policy.
  • Is there a particular point person to send media requests to?
    • Your employees may run into members of the media while they are networking. The journalist may want to ask them some questions about your company. You have to decide if you want your employees to be able to answer those types of questions themselves or if you want one employee to be the designated spokesperson for the company. Whatever you decide, make sure to communicate this to all staff so there is no confusion.
  • What employees are allowed to post on online networking sites.
    • Once again this is a matter of protecting your company image. Your employees are a representative of you. You need to figure out what kind of information you want your employees to post on social media. Are they allowed to reveal your company name on their personal profiles? Can they post pictures of themselves at work? Is it okay for them to post pictures of themselves drinking alcohol? These might seem trivial, but it is important to let your employees know beforehand what they can post rather than trying to discipline them when they cause bad publicity for the company.

Having a social media policy is important for you and your employees. It helps your employees to know exactly what they can and can’t do with their social media profiles. It could also protect you from future lawsuits since the policy will be spelled out in black and white. Now stop reading this article and create a social media policy for your company.

 Check Out: Layered Security

Access Control

You need to have an access control procedure, not just for visitors, venders, and guests, but also for employees, as not every employee needs access to every area. Ask these questions when developing an access control procedure for your security policies:

  • Do they have a need to be there? If an employee’s job does not require them to be in an area, clearly state that area is off limits, or set a physical control like key or electronic access to ensure it is enforced.
  • Will they need to be there escorted? A good rule of thumb is to clearly state areas like an HR office are restricted access, and only select personnel are authorized access unless escorted by select personnel, other offices and areas may need the same type of policy.
Check Out: How Do Your Alarms Communicate

Mobile Device Security

When you issue company business mobiles you are faced with many pros and cons, one of which is convenience and productivity while the other drawback is how to restrain mobile phone use as you keep your company liabilities at a minimum.

Here are some ways you can create security policies with respect to the use of company issued handsets:

Dispel privacy breach concerns with your company issued mobile phones. Make it a point to inform your employees that they do not have to fear their privacy being breached with the issuance of company mobiles. By doing this, you eliminate the probability of other problems or lawsuits from arising in the workplace.

Be sure that you own the phone numbers issued. It is very vital that you keep ownership of the phone numbers. You have to be clear with this in your policy. It is because you want to limit the likelihood of a leaving employee from further soliciting or doing business with your customers once they are gone.

Check monthly charges from time to time. The moment your employees know that their bills are being checked on a regular basis, they are less likely to incur unexplained surcharges or other unnecessary charges like for instance the purchase of unauthorized 3rd party content such as apps, ring tones, or even mobile games.

Report lost or damaged devices as soon as possible. The instant a company mobile device has been lost, damaged, or stolen, tell employees to report them immediately so all related services will be turned off the soonest time possible. There are some mobile apps that enable users to remotely track a mobile phone’s SIM card and delete all private data once lost or stolen. Expressly indicate who will shoulder the costs in case of loss or damaged business mobile phones. If it’s the employee who will have to bear the financial burden, then by all means let them know and have them sign up an acknowledgement agreement to that effect.

Inform them about GPS tracking. There are several mobile phones out there that come with software that does not only allow GPS navigation but also tracks the bearer. You have to expressly let them know that their business mobiles will come with a GPS tracking feature. Businesses in the field of logistics highly benefit from this practice.


Visitor Management and Safety

An unauthorized or unescorted visitor can be a physical threat and can also steal sensitive information. If possible, steer all visitors into a controlled entry point, be it a gate or receptionist’s desk. When writing your policy, decide whether visitors should be escorted at all times, or only in certain areas. Requiring visitors to wear a badge and sign in and out should also be considered. If your visitor management policy is communicated clearly, employees can more easily serve as your eyes and ears as they will feel more comfortable approaching or reporting a suspicious individual.

It would be wise then to craft a safety policy for visitors along the same lines as employers do for workplaces.

1 – Visitors must be notified of any hazards they might encounter.
2 – They must be made aware of all protocols and procedures in the event of an emergency.
3 – All visitors must sign-in and sign-out of your facility.
4 – Similar to all workplaces, must be provided with the appropriate personal protective equipment (PPE) and on its use and reason for it.
5 – Care must be taken to ensure proper fit and use of the PPE.
6 – Visitors must be oriented properly and advised on the basics of behavior during the visit.

Non-Disclosure Agreement

What is a Nondisclosure Agreement?

Fortunately, the United States legal system has several safeguards to protect intellectual property rights. One of these is the nondisclosure agreement (NDA), also known as a “confidentiality agreement.” This is a signed agreement between two or more parties which states they will keep confidential specific information shared during their business relationship, or in the course of a transaction. In the business world, an idea, formula, or process can be a company’s most important asset. The NDA ensures that a company or individual retains exclusive rights to their intellectual property. When you hire a company to manufacture your plush toy, an NDA gives you the assurance that your ideas (and profits) remain yours and legal recourse if it does not.

Types of NDA

There are two kinds of NDA. With a one-way NDA, only one of the parties is disclosing information. If you are hiring a company to produce your plush toy, but that company will not be sharing proprietary information (such as a secret method of stitching) with you, you may only need a one-way NDA. A mutual NDA is necessary when everyone involved in the process is sharing private information. If you sell a new manufacturing process to a soft drink company which shares a secret formula with you, you’ll both want a mutual nondisclosure agreement.

Contents of an NDA

A good NDA contains:

o Definitions of the shared information. For example, yours might include “the design for Skippy the Cat,” without describing the confidential information itself.

o Exclusions. Not all information needs to be confidential. This protects the recipient, in the event that it possesses or discovers information independently of its relationship with you.

o Recipient’s Responsibilities. Shared secret information must remain secret. Neither party can share it or use devious ways to steal it.

o Time Limit. Although you might want your idea to remain secret forever, this is not always going to be the case.

o Miscellaneous Clauses. These are various legal details, such as how a breach will be handled, who will pay attorney fees in the event of a lawsuit, etc.

BONUS: Workstation Security


  • Ensure monitors are positioned away from public view
  • Use screen privacy filters for added security (especially in open floorplan offices)
  • Always lock computer (and protect with a password) when stepping away from your desk
  • Log off workstation at the end of each business day
  • Keep food and drink away from your workstation at all times
  • When taking your laptop or other company owned devices out of the office, be sure to keep them in your trunk
    and out of plain sight


  • Only approved personnel may install software on workstations
  • All sensitive information must be stored on network servers and not the workstation itself
  • Follow all authentication and password management requirements



One key to creating effective policies is to make sure that they are clear, and as easy to comply with as possible. Policies that are overly complicated only encourage people to bypass the system. Don’t make employees feel like inmates. Communicate the need, and you can create a culture of security.

There is always a trade-off between security and convenience. You would like to board a plane without going through the TSA checkpoint, right? But how comfortable would you be knowing that no one else on the plane had gone through security either? The policies described in this article will help to ensure that you and your employees are protected.

For help in developing security policies to protect your organization and its employees, Contact me, I am available for assist you in your security policy development, or any other security needs you may have..

Factors to Consider in an Investigative Interview

The interview element of a workplace investigative interview isn’t easy and it can be even more difficult when there are conflicting responses to investigative interview questions. The number of people interviewed can also affect the investigator’s ability to determine credibility. Too few (ie, just the complainant and the subject) and it becomes one person’s word against the other. Too many (ie, multiple witnesses) and some may have conflicting stories due to bias. The EEOC recommends weighing the credibility of each person interviewed in order to find out what actually took place during the incident.

Factors to Consider:

The EEOC has put together a list of 5 factors to consider when trying to determine the credibility of statements and responses made during the interview process. However, it is also important to note that these are “things to consider” and not the “be all, end all” for determining credibility.

1. Inherent Plausibility:

Watch for the presence and order of key facts presented by everyone interviewed.

Is the testimony believable at face value? Does it make sense? Watch for the presence and order of key facts presented by everyone interviewed. You may also want to consult any materials in the workplace that could back up the facts of the story- security videos, whereabouts of the employees in the workplace, timing of events, etc.

2. Demeanor:

Did the person seem to be telling the truth or lying?

Check Out: Effective Communication Skills – LISTENING

3. Motive to Falsify:

Did the person have a reason to lie? Does the person feel threatened for any reason? Bias and opinion can sometimes get in the way of telling the truth. Consider any connections that people have to the incident or to the complainant and the subject. Could these connections cause them to lie because they know their friend will get hurt? Do they fear retaliation from others for being involved in the interview? Address these issues and enforce your zero-tolerance policy when it comes to retaliation in the workplace.

Learn about the PEACE Method of investigative interviewing for a better way to conduct interviews.

4. Corroboration:

Watch for commonalities or discrepancies in witness stories and the claims made by the complainant and the subject in order to get a better picture of what took place during the incident.

Is there a witness (such as an eye-witnesses, people who saw the person soon after the alleged incidents, or people who discussed the incidents with him or her at around the time that they occurred) or physical evidence (such as written documentation) that validate the party’s testimony? The information gathered from these individuals needs to be weighed and considered for accuracy- if the witnesses have any bias towards either individual involved in the incident, chances are their story will reflect it. Watch for commonalities or discrepancies in witness stories and the claims made by the complainant and the subject in order to get a better picture of what took place during the incident.

5. Past Record:

Did the alleged subject have a history of similar behavior in the past? Many times, past behavior is predictive of future behavior, but is not always the case. It is beneficial to be aware of repeat offenders in the workplace and what conclusions and actions were taken in their previous cases.


Budgeting for Training

budgetingWith the thought of taking from your operating budget to spend on staff training initiatives, it’s understandable if you consider employee development an expense. Yet because the benefits of training are so numerous, it’s much more beneficial to consider training as an investment in human resources.

The right staff training program can increase productivity, decrease the need for supervision, reduce absenteeism, improve customer service, lower the number of complaints, and boost sales. Well-informed employees make fewer mistakes and are more effective in dealing with your customers. And because employees will feel valued and appreciated, training can also increase the commitment and personal confidence that your staff feel in their jobs. This helps to create an appealing work environment and will help minimize staff turnover. If you choose your training wisely, it’s clear your dollars will be well-spent.

What Does It Cost When Budgeting for Training?

The cost of your training program will depend on the type of training you require. Many different types of training exist, each varying widely in cost.  Before you choose one, know what results you are after. Then, select the training activities that best fit those results and your budget.

Training Type Relative Cost
On-the-job coaching and mentoring $
Self-directed study $
Video presentations $
Job shadowing $
Satellite distance learning (e-learning) $$
Seminars $$
One-to-one tutoring $$
College courses $$$
Group workshops (external) $$$
Consultant training (in-house) $$-$$$

Legend: $ – Least Expensive, $$ – More Expensive, $$$ – Most Expensive

Creating a Training Budget

Budgeting for training does not mean using surplus money when it’s available. Instead, you should build a separate line item for training into your yearly budget. A training budget should include the following costs:

  • Initial communication about the training program
  • Training delivery (e.g. classes, video tutorials, e-learning, course fees)
  • Training materials (workbooks, videos)
  • Staff time (including replacement time)
  • Instructor fee
  • Travel, lodging or meal expenses required to participate
  • Ongoing training (upkeep)
  • Contingencies
Check Out: 10 Reasons Why Safety Training is Often Ineffective

Managing the Budget

Once approved, your training budget will need careful management to ensure that costs stay on track. Unforeseen events can lead to changing costs. A specially trained staff member might unexpectedly leave the company before their knowledge is passed on to others. Training costs will increase if you need to rely on external resources.

How Much to Spend on Training?

Many large organizations commit to investing anywhere from two to five percent of salary budgets back into training. While that may not be realistic for you, it’s important to find a number you feel your budget can absorb. Base the figure you’ll use on your needs analysis.

You may be tempted to use the least expensive trainers or training materials available. Often, using “b” level resources produces “b” results. Increase the likelihood of success by always striving for A’s. Use the best caliber training you can afford.

Check Out: How to Put Together a Workplace Safety Training Workshop

Ways to Save

Depending on the size of your staff, you may find training costs add up quickly. Here are some ways you can save on costs:

  • Group training: earn volume discounts by training numerous employees at once (sometimes as few as three participants will qualify)
  • Re-use materials: training materials such as videos have a long shelf life and may be used repeatedly
  • Teach one, teach all: spend on off-site training for one employee, but have him or her present their knowledge to remaining staff
  • E-learning: electronic options are cheaper than traditional, instructor-led training

Another tip is to negotiate free or reduced-cost training from your vendors, who will be happy to help you if it means their product will be successful.

Remember, the right training program will save you money in the long run.

Check Out: Back and Lifting Safety Training

Securing Commitment

Don’t forget that employee commitment is necessary for training to succeed.  One way to ensure employees take the effort seriously is to have those getting specialized training to share the cost. Employees who have made a personal investment in learning will be more focused on completing the task.

If you are footing the bill, get employees to commit to working for you for a specified period of time following the training’s completion. Let them know you will require reimbursement if they aren’t able to fulfill the agreement.

It is also important to have full support for training efforts from senior people in your organization. If they understand the long-term value of employee development, they should be able to help by earmarking funds for training.

Outsourcing Loss Prevention: is it worth it?

loss preventionOutsourcing is not a new concept but one that is growing by leaps and bounds across all corporate environments. Originally, only large corporations engaged in the outsourcing of business units and tasks. Now the concept is invading the mid-sized market as a viable business strategy.

According to the Outsourcing Institute, in 1996 outsourcing was viewed as a viable means to achieve cost control or economies of scale. Today outsourcing is an essential management tool for success in business innovation, global expansion and competitive advantage.

Many companies, regardless of size or product, have found that outsourcing non-core competencies has allowed them to achieve greater financial success while gaining additional and previously unavailable resources.

As an example, how does this affect the trucking industry? The core competencies of the trucking industry surround the timely movement of freight. The security of this freight and the potential for loss, a non-core competency, is a significant candidate for outsourcing. The management of transit and other liability claims is one example of outsourcing already familiar to many trucking operators.

In today’s environment, freight loss poses a significant threat to profitability. The maintenance of a centralized security or loss prevention unit can so easily become a costly overhead with less than satisfactory return on investment. Frequently, overinflated management with layers of administration reduces productivity. At the other extreme, forcing a security department to become too lean to be a real value is also pointless. Real effectiveness comes from the ability to call upon additional expertise and resources when they are needed. An efficient security director is in a position to recognize and justify such needs.

In some situations, the security function has been perverted by unnecessary and unproductive demands from senior managers. When the security department is viewed as a SNOW Department–”stuff no one else wants”, they are tasked with requirements that are contradictory to, and interfere with, their primary responsibility for security of corporate assets. Actual examples of such requirements being placed on the security department include:

  • Sharing their vehicles with other departments, causing delays in accomplishing security responsibilities due to lack of transportation.
  • Picking up the children of senior managers from their school and acting as babysitters because the manager’s wife wanted to go shopping without the children
  • Routinely delivering office supplies to other company locations.
  • Changing daytime work assignments to “chaperone” painters in the building at night, a normal Maintenance Department function.

Reliance on law enforcement is no longer part of the protection plan. Law enforcement agencies, for a variety of reasons, respond to public demands to the frequent exclusion of your business interests. Business losses are frequently considered nothing more than “the cost of doing business”, even to the extent that investigators and prosecutors take the view that the business owner can afford it.

Therefore, loss prevention and recovery rests almost entirely on your business strategies. A department store Vice President for distribution complained bitterly that his company was unable to persuade a district attorney to prosecute in a case involving high volume product theft in their distribution chain. Weaknesses in the company’s own security planning and resources were in part responsible. How to best meet your needs is utilization of all available security and loss prevention related resources.

What Are the Advantages of Outsourcing Your Loss Prevention Function?

  • Distance Management of a loss prevention function with extended geographical responsibility is an expensive venture. As the geographical area expands, efficient control of loss prevention activities may be reduced by distance, international boundaries, and even time zone differences.
  • Cost-savings In-house management costs increase even as the slightest geographical and business responsibilities increase. Outsourcing budgets are much more focused on a return on investment rather than maintenance of in-house specialist costs. Why? One reason–visibility.
  • Visibility The daily inefficiencies, distractions and politics of the in-house function are replaced with a cost and time sensitive, performance driven service. Outsource vendors cannot afford the inefficiencies so easily tolerated by corporate employees and employers whose ability to discern a “busy” department from a “productive” department is limited.In-house loss prevention functions frequently, over time, result in empire-building. “I am a manager, therefore I need a secretary to handle my calls.” Sometimes even the secretary believes that an assistant is needed. Now we have to make some “busy work” to justify the salaries of the additional staff. This in most cases ends up with a “top heavy” organization with more bosses than workers. Costs rise and productivity remains constant in spite of additional staff members. More is not necessarily better–efficiency of effort is all important. “What is the return on investment for each additional staff member?” should be the manager’s constant question.
  • Focus Another advantage of an outsourced loss prevention and security function is that the essential day-to-day operations are delegated to the outsource vendor, allowing management to focus on their corporate goals. The outsource vendor does not operate in a vacuum–frequent, but cost-effective interaction with a management representative provides the collaborative exchanges necessary to meet corporate objectives. The outsource service vendor is a vital element of your management structure but without the many ancillary costs of an in-house department.
  • Capabilities Outsourcing can lead to expanded capabilities within the national and international marketplace. The outsource vendor may have international contacts and associations with which to serve the freight industry. This allows a freight company operating in or planning to enter the international arena to have access to qualified and knowledgeable loss prevention network throughout the world.Have you seen the proposed operating cost budgets for opening up a new area service? How often do you take big risks just to keep the startup costs down? The economies of scale available through the outsource vendor provide the business manager with resources without the residual costs of having an agent in place, just waiting for work to come his way.
  • Resources The major advantage of outsourcing freight industry needs is the diverse and valuable availability of resources not normally found within the business unit. Can you imagine the manpower costs of having to maintain all possible resources within your business–a loss prevention risk analyst, forensic accountant, security system integrator and design specialist, investigators, etc? Many of these individuals would be used on a very limited basis at high cost to your business. The outsource vendor provides these individuals on an as-needed basis through alliances with other similarly placed associates.
Consider This While Pondering Outsourcing Los Prevention
  • Currently there is a considerable battle for talented staff.
  • Unless the individual can be fully utilized at the individual’s level of competence, the probability of recurring employee turnover exists.
  • With a multitude of requirements, the outsource vendor can financially justify employment of talented parties to service numerous clients without compromising client confidentiality.
  • The shortage of talent within the international market is particularly evident.
  • Due to different cultural and ethical considerations, an extended vetting period is required to identify qualified international staff members.
  • The outsource vendor’s experience, contacts and associations will serve your corporate objectives much faster.
  • The most productive and budget conscious Security Directors commonly use their outsource relationships to meet peaks in demand.

Visibility Means Knowing Where You Are

Through the outsourcing venture, business risks are shared. The outcomes expected from the vendor can be quantified to establish realistic benchmarks for program success. Goals are identified and remuneration is contingent upon goal accomplishments. If benchmarks are not met, a financial cost may accrue to the vendor through lost incentives or agreed penalties. If benchmarks are surpassed, financial gain is the reward. Profitability of both parties is influenced by goal setting and remuneration packages. With an in-house loss prevention function, the incentive of increased profit for the service provider is missing–therefore a frequent attitude is “I’m going to get paid my salary regardless of the outcome of my efforts.”

Check Out: External Theft – Shoplifting

The Rewards of Outsourcing Loss Prevention

Outsourcing has evolved over the past few years from a purely tactical, cost-cutting move to a strategic business tool. For the buyer, outsourcing advances a “core competency” business strategy. By leveraging the outsourcer’s core abilities, the buyer can enter new markets and gain access to state-of-the-art technologies without investing directly in their development or exposing themselves to more risk than is necessary.

Outsourcing also lets the buyer leverage the provider’s knowledge-repository of services and abilities, while providing access to individuals with specialized skills that might otherwise be both expensive and difficult to attract. Along with skills, the buyer gains access to the provider’s depth of experience performing the service, and the ability to perform at market rates. 2

Caveat Emptor

This discussion leaves one very important factor to mention. Successful selection of your security consulting and service vendor comes from the ability to create a continuing partnership based on trust and mutual respect for the other’s business. Above all, the vendor absolutely must identify with and support your business culture. For some security vendors that is a tricky and almost impossible task. Only those who observe and practice business priorities as a precursor to security priorities should be considered as your long-term outsource partners.

7 Sins of Physical Security

physical securityYou’ve got a few security guards and your CCTV system is up to snuff. You’ve got your building security covered, right? Think again. While many organizations are taking the steps to ensure their building is secure, many are ignoring basic pieces of the puzzle that is physical security in and around a facility.

Here’s a rundown of some common missteps organizations make when devising a building security plan.


7 Sins of Physical Security

1.) Creating post orders without advanced analysis

Most companies don’t have an inside person with facilities security expertise.  Often the facilities
manager will put together a guard services contract and contract services with a company and they really have very limited ideas about how to manage it.

The problem is that an outside contract company will often come into the assignment with their own post orders and place security personnel without first conducting a real analysis of the security needs of the
building. And because there isn’t an experienced person within the company that understands security, there is no system of checks to ensure the contract security personnel are doing what they should be doing. (Read a first-hand account of how easy it is for criminals to get in the door of a secure building
in Anatomy of a Hack) Before any contract security services firm creates post orders for a building, they should first conduct a thorough assessment of the unique needs for security in the facility.

Buildings differ primarily because of who the tenants are. Security needs to evaluate who is in there and what kind of risks they bring with them. Some have a high-traffic volume of visitors. They could be controversial; some might face the possibility of problems with former or disgruntled employees.
All of those things dictate what security should be doing at their posts.

2) Placing aesthetics over security

This mistake can be made as early as when the building is designed by an architect. While ground-level lighting and hidden cameras may be more pleasing to the eye, neither are good for security. We’ve even worked in a building where the architect had designed all the cameras to be out of sight.

But someone seeing the camera is 50 percent of the value because it’s a deterrent. When people know they are on camera, they are much less likely to do something wrong.

Another common design we see that makes us cringe is shrubbery that runs along walkways and sidewalks.  Suddenly someone who wants to rob someone has a nice hiding place.

Check Out: Common Security Vulnerabilities

3) Neglecting to properly secure certain entrances

We believe in the rule that the fewer entrances into a building, the better.  Every door is
another opportunity for someone to get in. While it is important to have several doors for emergency
exits, they all too often get neglected. We suggest alarms at all doors that have been designated as emergency. Employees should also be asked to demand ID or badges from individuals entering a secure building, and noted the best defense against intruders is a good security awareness program among workers that gets them to notice what is going on around them.

4) Allowing management to ignore security rules

Sure, a good awareness program might ask employees to “check” on one another to ensure they are wearing badges or ID. But what if management is neglecting to follow the rules? It is a physical security mistake we see all the time.

You have to make a choice. If you are going to have badge-wearing program, you have to wear the badge. If you’re not going to wear one, do away with the program because if you don’t wear it, you undermine the program.

5) Failing to take time to understand your technology

Physical security technology, such as CCTV, has come a long way in the last decade. The problem is many people don’t know how to use it. Often, a good CCTV recording system will be for naught because if there is an incident, the staff doesn’t know how to find the recording they need.

Companies will have a contractor come in an install the cameras, and then there is no follow up to learn how to really use it.

Another common scenario is a building with 40 or more cameras around the facility which use a multiplexer to toggle between cameras and record images. But the switching is done at random and is therefore of little use.

If you don’t set that up properly you might have situation where a person is breaking in a door but you don’t capture the event because the recorder was not on the door at that time.

Instead, monitoring systems be configured to have event-driven recording, which means a camera is activated where ever an alarm goes off.

Check Out: How do your alarms communicate

6) Failing to secure important rooms inside the building

You may have people working the server room all the time (in organizations), but now they can control what is going on in there remotely. So if someone is going in and out of there, you really want to know who it is and why they are there.

Consider access control systems around data centers that include badges and/or access cards as well as cameras. Also, if you have concerns about proprietary information – secure your mail rooms as well.

Check Out: Transparent Security – not seeing it is the point

7) Overdoing security

Lastly, it’s important to remember that these tips are not a one size fits all prescription for your building’s security. The level of facility security will need to fit the level of risk an organization faces.

We’re opposed to going into a facility and having them do as much security as they can do. If you overdo it to where it doesn’t make sense, within six months people will have figured out ways to get around security, not to be dishonest, but to avoid the hassle and it will be a waste of money. It has to match the risk and culture of the business.


If you need your physical security processes reviewed, please feel free to contact me.

Workplace Violence Awareness

workviolenceWorkplace violence involves any negative behavior that is disruptive to either another employee, customer or against the company itself. The reason I use such a broad term of definition is because most cases that end in violence begins with a negative behavior. It is at the inception of this behavior that action should be taken and not later, once things have gotten out of hand.

Often Supervisors and Managers find themselves in a frustrating situation. Lack of awareness training leaves them feeling frustrated and uncertain. Workplace violence is not always obvious and therefore often managers do not know how to recognize a problem at its onset, let alone know what to do to stop it. It’s a legitimate concern because if the problem is real, one is dealing with a time bomb and action needs to be carefully planned and handled delicately. If there isn’t a problem, and the situation is handled poorly, the accused employee is embarrassed or forced to leave the job, then you have civil action to worry about.

Company culture is a determining factor in acceptable employee behavior. Compounding the problem is weak or nonexistent policies regarding harassment and workplace violence, which hold just as much liability as apathetic management who choose to look the other way when a problem threatens escalation.

Violent events at the workplace don’t just happen out of the blue. There are always warning signs that something is wrong. Ultimately, it is the coworkers who usually first notice the change in behavior of one of their teammates. If awareness trained, these coworkers will know the importance and necessity to report their observations to management who can take immediate crisis intervention action. This is where a company finds excellent use of a “hotline” service. Anonymity is essential because if the employee fears that the potential aggressor will know who to go after, he or she will not report the activity. In that same light, employees who have undergone such awareness training know that their timely action could not only save their own life, but the lives of their coworkers.

Managers should take all threats seriously. Many times it’s one employee’s word against another, and when the offending employee is questioned s/he often remarks that – s/he was just kidding around or blowing off steam. Even if the offending employee was just blowing off steam or kidding around, keep in mind that the action was enough to cause concern to one employee – and that is one employee too many.

The warning signs of potential workplace violence include:


  • Lowered productivity
  • Increased absenteeism
  • Behavioral outbursts such as arguing, yelling or arguing with coworkers
  • Displaced aggression [kicking desk or punching walls]
  • Talk of destruction or making someone pay
  • Depression
  • Family problems
  • Substance abuse
  • Preoccupation with violence through movies, magazines and weapon collecting

preventing_workplace_violenceIt’s important to remember that our anticipation of violence can inadvertently perpetuate violence. For example, a termination is already a tense and emotional situation and it’s crucial that the employee be given a chance at a dignified exit. Having security in the same room at the time of termination is a show of force, and this alone can antagonize the employee into a hostile reaction. How you terminate someone should be carefully thought out and planned ahead of time with your safety in mind as well as the rest of your staff. If you think you are dealing with a volatile employee, pay the few extra dollars and have a counselor attend the dismissal meeting.

What a manager or business owner doesn’t realize is that responsibility or liability concerning the safety of its employees does not end when they leave the company property. In the U.S., and Canada is not so far behind, lawsuits are being filed against employers for failing to take responsible and due care to prevent a foreseeable injury which the manager or company had a duty to prevent.

Check Out: Layered Security

The Common Forms of Workplace Violence Incidents is as follows:

• 54% – Inappropriate language
• 13% – Verbal abuse
• 7% – Verbal threats of violence
• 6% – Sexual harassment
• 5% – Burglary
• 4% – Pushing/Shoving
• 3% – Fist fight
• 2% – Threatening emails received by employees
• 2% – Stalking
• 1% – Robbery (holdup)
• 1% – Threatening emails send by employees
• 1% – Bomb threat

Some employers have not yet fully addressed the issue of workplace violence; their negligence has not necessarily been purposeful. It has been due to a lack of awareness of the problem coupled with a preoccupation with everyday work and management pressures. This has caused employers to ignore some of the organizational factors that have contributed to workplace violence.

Some of those factors include:1. A weak, misunderstood or non-existent policy against all forms of violence in the workplace
2. Failure to educate managers and supervisors in recognizing early warning signs or symptoms of impending violence and their responsibility to take action
3. No appropriate and safe mechanism for reporting violent or threatening behavior
4. Failure to take immediate action against those who have threatened or committed acts of workplace violence
5. Inadequate physical security
6. Negligence in the hiring, training, supervision, discipline and retention of employees
7. Lack of in-house employee support systems

Employers who have addressed workplace violence have often overlooked domestic violence and how this plays a part in the workplace.

Check Out: Corporate Volunteering Leads to Engaged Employees

Myths about Workplace Violence That Cause It to Be Ignored

Myth #1: Workplace violence incidents are rare.

Unfortunately, we can find ourselves living in a bubble of complacency. And, unless we’re shaken out of our sleepwalking state by a terrifying news story, we tend to not notice less horrific things around us.

While it is true that the number of murders occurring from a workplace violence attack have lowered over the past few years, we shouldn’t be limiting our focus to just homicide. In fact, according to OSHA, there are over 1 million reported incidents of assault each year, just in the United States alone. And, since it’s estimated that only about half of all incidents are ever reported, that the total is closer to 2 million. And, this doesn’t include the approximately 1,000 homicides and 51,000 sexual assaults!

Myth #2: It will never happen here.

I call this the “Ostrich Syndrome.” You know, the belief that, “if I bury my head in the proverbial sand, I can make danger disappear.” The truth is that workplace violence can happen in any business, at anytime, and anywhere. And, it does. In fact, I’ve consulted with executives, business owners, and employees from, not only the US, but also Canada, Germany, England, France, Japan, and Thailand. And… the story is the same: Today’s workplaces are the most violent environments in which you can find yourself.

Myth #3: Postal employees have more to worry about than I do.

Unfortunately, due to a few incidents which occurred decades ago, the post office and it’s employees have garnered a much undeserved reputation for violence. Even the phrase, “going postal,” is still popular after nearly four decades of it’s creation. The reality is that only about 3% of all incidents occur within all government agencies – combined!

In fact, post office employees, as with any government workers, are probably some of the “least” likely to encounter violence in the workplace. While occupations like nursing and other healthcare, teaching, and psychiatric counselors have some of the highest incidents.

Myth #4: Workplace violence is a guy thing and women shouldn’t worry about it.

Murder is the number one cause of death for women killed on the job. And, as I said before, this is paled by the 13,000 rapes, 51,000 sexual assaults, and about 35% of the 600,000 simple assaults that occur in American workplaces every year. In other countries, like India, the Middle East, and the East, the percentages are even higher.

Men may perpetrate more of the attacks involving the use of guns, but women share the field almost equally when it comes to being the attacker and the victim. In addition, over 65% of all non-fatal workplace assaults occur in nursing homes, hospitals, residential care facilities, and other social service environments – places where women make up the vast majority of the work force.

Myth #5: Security guards and metal detectors will prevent workplace violence.

As a former police officer, I learned very quickly that security measures can do little to stop a determined perpetrator of a crime. It doesn’t matter if we’re talking about a burglar, a rapist, murderer, or even a terrorist – the newest threat to workplace safety.

In fact security guards and detection devices can do little more than cause an attacker to think more creatively. And, even if they do prevent the outsider from entering your company, they can do little to stop current or former employees, friends, family members and visitors that would have both knowledge of your facility, and a reason to be there in the first place.

Myth #6: The only cost we’ll have to worry about is attorney fees.

Over the years, I’ve had the opportunity to speak to my share of human resources managers, administrators, and executives about the need for a workplace violence prevention plan and crisis response training program in their facility. In that time, one of the most disturbing comments that I’ve ever heard was, “that’s what our attorney’s are for.”

Not only can your attorney’s, or the police for that matter, “not” take away the damage, injuries, death, and destruction that can occur, but their fees will be the least of your problems. The true cost of workplace violence incidents are estimated to be between 55 and 2 million US dollars every year. Costs associated with your company’s recovery in the post-event aftermath include not only attorney’s fees, but also lost work time, the effects of negative press and public image, property repairs, increased insurance premiums, and fines or judgments entered in favor of any plaintiffs suing you for liability. To give you an idea about just one of these areas, OSHA reports that American companies pay for over 1,700,000 sick days annually due to lost time resulting directly from violence in the workplace.

In many cases, the financial strain resulting from just one incident has put more than a few companies out of business for good.

Myth #7: He just “snapped.” We can’t prevent it because there are no warning signs.

Reports show that in 80% of all incidents of workplace violence, the assailant gave warning signs that went unheeded. In all of the programs that I teach, regardless of whether we’re talking about basic self-defense, street survival for law enforcement professionals, or workplace violence prevention and defensive tactics, “awareness” heads the list and is the easiest and most successful means for surviving a workplace violence attack.

The reality is that managers and employees alike can learn to anticipate, assess, and even manage the risk from internal causes by identifying, monitoring, and addressing employees who exhibit high-risk behaviors and characteristics before they can escalate into actual violence.

While not all situations can be prevented, and this is where a good, solid, self-defense and attack avoidance program comes in, early awareness and action can save property, lives, money, guilt and the embarrassment which can arise out of knowing that action “could” and “should” have been taken to prevent or minimize it.

Myth #8: We have insurance to cover the cost of damages.

Most workers and managers, as well as business owners wrongly believe that they are covered completely by whatever insurance coverage is in place to protect the company. When, in fact, supervisors, managers, and others in an authority or leadership position can be held personally responsible and sued in civil court for their actions or failure to act, and the conduct of others over which they had authority.

And, while most companies carry some sort of liability coverage, you may find that your insurance policy may have clauses that exclude damages from certain types of actions. Like hospitals, universities, and other open, “porous” entities, your company can be left holding the proverbial “bag” in the case of injuries, damages, or harm that comes to visitors, guests, and family members caught in the cross-fire of an event but who are not actually employees of your company.

Myth #9: We have a workplace violence prevention policy so we’re safe.

In light of all the evidence, most companies still do not have workplace violence plans, policies, or training programs. I have found that those who do, are still missing critical elements from these plans and leaving themselves open to the same or greater liability issues that their plans were supposed to eliminate in the first place.


External Theft: Shoplifting

External theft is the stealing of merchandise, cash, goods, or fraud resulting in loss by shoplifters.  According to the Hayes International Theft Survey, there were 1,014,817 shoplifting apprehensions resulting in a recovery of over $111 Million from the participating 25 retailers in 2009.  This number is actually an increase of 1.0% from last year.

woman in a supermarket stealing a bottle of champagne
woman in a supermarket stealing a bottle of champagne

There are two main classifications of shoplifters: amateurs and professionals.  Most shoplifters fall into the amateur category.  Meaning they usually do not enter a store with the intention to steal.  They see an opportunity to steal an item and take it.  This group is also comprised of the teens under peer pressure to steal, or desire certain items to fit into a group but cannot afford them.  These types of thieves will demonstrate a high level of nervousness and will often be looking over their shoulder or avoid eye contact with associates.  They may also be looking around for security cameras before performing the theft.  These types of shoplifters will most easily be stopped by having an employee presence in the area to offer customer service to them, or even simply applying security tags on items.

The professionals are the one’s who steal for a living.  These thieves are often very confident, have specific items in mind before entering the store, and are fast at performing the theft.  In some cases they can be in and out with thousands of dollars worth of merchandise in under 5 minutes!  These thieves target merchandise that is small, has a high dollar value, and can be easily resold.  Some of the methods they use are box stuffing (placing high value items inside lower valued item box), barcode switching (placing less expensive UPC’s on high priced items), double shopping (purchasing a high dollar item then exiting and re-entering, selecting the same item and exiting a different door showing the original receipt as proof of purchase if questioned), refund fraud, or simply attempting to walk out of the store with the unpaid for merchandise unnoticed.

Preventing External Theft

One of the best ways to deter external theft is providing superior customer service and having departments fully staffed.  Most thieves don’t want to interact with store associates in any way, so offering them assistance will make many decide against it.  Some retailers lock up high theft merchandise and will have an associate unlock and bring the items to the register for a customer when they are ready to purchase.  This can hinder customer service objectives in some ways but is a strong control in preventing theft.  EAS (Electronic Article Surveillance) is also widely used in the retail industry.  This is a method of affixing tags or electronic devices to items which will sound an alarm if taken out of the store before being removed or deactivated at the register by a cashier.

Check Out: Physical Security Program, Know the Process

External theft will always be a problem but the goal is to identify where your losses are occurring and to determine ways to prevent further losses.  This could be by apprehending the suspects causing the loss, limiting quantities on the shelf, using EAS tags, dedicated surveillance on specific items, or increasing awareness in the store of high theft items.


Shoplifting Methods

  • Working in groups in order to distract your employees while one person steals.
  • Waiting around for shift changes so that there are more distractions.
  • Putting merchandise into a purse or handbag and paying only for that item.
  • Tucking stolen goods into their jackets, pants, purses, or, as disgusting as it is, their child’s stroller or carrier.
  • Returning merchandise that was not purchased in your store.
  • Switching labels. I.E. Putting a.99 cents label for a candy bar on a $100 dollar item instead. (Yes, this is still considered shoplifting!)
Check Out: Comprehensive Loss Prevention – Don’t just be reactive

Here are a few steps that retailers can take to curb shoplifting in their stores.

1) Greet Customers

Acknowledging customers when they enter the store is much more than \good customer service. Sure, greeting customers makes them feel welcome, but it also tells potential shoplifters that staff can see them. That verbal and visual acknowledgement can sometimes be enough to scare potential shoplifters into rethinking their actions.

2) Adequate Staffing

As we mentioned earlier, one of the easiest ways for shoplifters to get away with stealing is when other customers or duties distract store staff. One of the most effective ways to prevent shoplifting is to make sure there are enough employees on the floor and that staff are spread out across departments or areas. Large stores often assign specific floor sections to employees so that they’re responsible for greeting and assisting all customers that enter that specific area.

3) Store Layout

The layout of a store can affect how easy it may be for shoplifters to succeed. Some things to keep in mind include:

  • Consider putting highly desirable items in one area, assign staff to closely watch the aisle or area, and design the area in a way so there’s only one entry/exit point.
  • Install mirrors in blind spots.
  • Hang anti-theft signage to deter shoplifting in unattended corners.
  • Keep store windows clear to aid visibility.
  • Place the checkout counter near the entrance to the store to require customers to pass by before leaving.

4) Limit Changing Room Items

In order to take account of which items enter and exit clothing changing rooms, implement a store policy that limits the number of items a customer can take inside the room at a time. Have staff count out the number of items and hang or fold them so that each item is visible inside the dressing room. Only when a customer is finished with one item can they swap it with another they’d like to try on.

When the customer is done, ask them to bring all of the items out of the change room and have staff count them quickly so that the same number of items are returned.

5) Train Staff

Perhaps the most important tip is to educate any staff that interact with customers on loss prevention. Training employees on shoplifter traits and providing a store policy on how to handle these customers is a retailer’s most effective tool. Simply having a staff member approach a suspicious customer and ask, “Can I help you?” or “Can I ring that up for you?” can deter shoplifting without sounding accusatory or rude.

It’s also important to let staff know that if they see a customer steal something, they should alert a manager immediately and not try to take action on their own or chase down the shoplifter.

Enhancing current approaches to combat ORC

  • Environment — “We prosecute” signage, hard to remove “Sold only in (retailer name)” stickers on items, small store layout changes, and ORC-aware changes to fitting room policies/staffing and visible technologies like Electronic Article Surveillance (EAS) and video surveillance.
  • Personnel — “Loss Prevention Greeters” at store entrance monitor the exit and flag suspect behavior to help reduce shoplifting, whether opportunistic, habitual or organized.
  • Antifraud measures — Stricter policies governing cash receipts can have a big impact: marking “cash plus store credit” purchase receipts with cash amount blocks the most lucrative form of return fraud. And “this store only” return policies at high-risk stores significantly impair gift-card consolidation and online monetization.
  • Detection — Expanding established EAS and video surveillance programs based on patterns of organized crime raises the risk of detection, making stores far less attractive targets. Utilizing video surveillance to monitor suspicious or repeating ORC criminals and alerting store associates if theft occurs provides another opportunity to raise the risk of detection.


Deploying new technologies
Extensions of EAS technologies specifically targeting ORC include:

  • Jammer detectors that respond to signals thieves use to overwhelm the electronic resonances on which EAS detectors depend.
  • Booster-bag detectors that detect aluminum-foil-lined containers carried into stores.
  • Selective remote alarms that redirect data from jammer detectors and booster-bag detectors to notify staff that a thief has entered the store.

New applications of video surveillance help combat shoplifting of all kinds, and ORC in particular:

  • Linking jammer and booster-bag detectors to digital video surveillance helps stores capture pictures of potential thieves entering and leaving the store. When item-level information from RFID tags are integrated into loss prevention, stores can link video evidence of theft events to goods recovered from thieves at storefront or in the parking lot.
  • Advanced technologies extend video surveillance to include facial recognition, monitoring of “exception behaviors” typical of gang theft, and storewide surveillance tracking likely thieves.
  • Pervasive video: shelf-level cameras linked to advanced detectors can provide an end-to-end record of theft events, together with filtering out activities of legitimate shoppers.


Organized retail defense
The final step in fighting ORC will come when retailers organize, turning the gangs’ most powerful method against them, with strategies including:

  • Predictive analytics — integrating information from EAS, jammer, booster-bag, and RFID detectors, video surveillance, human intelligence and more can identify theft patterns within and across stores, for efficient deterrent deployments, countermeasures and enforcement.
  • Real-time adaptive analytics — monitoring point-of-sale data, store traffic, and real-time inventory lift from both sales and theft will help stores align associate staffing to shopper behavior patterns to maximize sales and minimize theft.
  • Collaboration and enforcement — the retail industry, together with government and law-enforcement agencies, are beginning to organize against the ORC problem and extend through public-private partnerships all the way to national legislative initiatives and cross-border extradition agreements.

Organized Retail Crime is emerging as a significant threat to retailers worldwide. Its growing incidence and sophistication, the high costs per incident, and advanced opportunities for monetization reveal a global problem requiring immediate, sustained attention.

Using Social Media in Investigations

As every moment of people’s lives—both inconsequential and monumental—have spread onto Facebook, Twitter, Instagram, LinkedIn, SnapChat, TikTok, and other platforms, a record has been created of comings and goings, personal opinions and piques, that can be a trove during investigations.

First off, What is a Social Media Investigation?

A social media investigation looks into the social media posts, status updates, photos, and conversations of an individual. You might require a social media investigation for a court case, custody battle, or as part of a background investigation. This can be used as evidence in court cases to support alibis and provide supplementary evidence, for risk assessment, and for active monitoring.

What you’re searching for will depend on the investigation.

For the average court case, social media can be searched to establish a foundation of character, verify, or disqualify an alibi, and find supporting evidence. This includes looking at the location tags for Facebook, Twitter, and Instagram posts, verifying that the posts were original, and identifying what other individuals associated with the case are involved. For some investigations, like for crimes against minors, alerts and searches can be set up for specific search terms, and it can be discovered what type and age of individuals the person is interacting with.

For a domestic investigation, you might search for photos of your partner that support your suspicions of infidelity, or check the location data on posts on Twitter to verify he or she is where they say they are. Internet messaging, Facebook messages, and Twitter direct messages can also indicate whether or not the individual is staying faithful.

A custody case can involve looking at photos posted across platforms to identify who the individual is associating with. Twitter posts could indicate whether the individual is suited and trustworthy for retaining custody, and a Tumblr investigation can reveal the individual’s priorities, thoughts, and intentions.

Any case involving possible drug use can mean searching for photographs and posts across platforms that would indicate potential drug use, as well as a search for Tumblr posts of images or comments, reblogs, that support drug use. This type of investigation includes searching and setting up alerts for specific terms relating to drug use. In some cases, a sting can be set up to see if, through internet messaging services, the individual is dealing or affiliated with a dealer.

Check Out: 5 Myths about Employee Theft


When it comes to mining social media for potential evidence, content can broadly be divided into two categories:

  • Incriminating content that subjects inadvertently upload themselves: People are so used to sharing their activities on social media, that they’ll occasionally share something that incriminates them, or contradicts their legal claim, without thinking. For example, an insurance fraudster who claimed that a vehicle accident had left her severely debilitated was outed when investigators found photos of her snowboarding and scuba-diving on her social media accounts.
  • Incriminating content uploaded by third parties: Just because someone isn’t very active on social media—or their privacy settings don’t allow outsiders to see much on their accounts—doesn’t mean that you can’t use social media to find useful evidence. In the case of a major car crash, for instance, it’s very possible that a bystander uploaded footage of the accident to Twitter, Facebook, or YouTube. One great example is a 2015  case, during which a man claimed that he’d wrecked his $60,000 Corvette while driving on the Interstate. Unfortunately for him, investigators found YouTube footage of the sportscar being crashed into a barrier during a drag-racing event.


So, now we have talked about WHAT a social media investigation consists of, let’s talk about if you SHOULD or CAN do a social media investigation.

Social media postings may also constitute evidence or provide leads to potential witnesses. For example, many of the far-right agitators behind the 2017 Unite the Right rally in Charlottesville, Virginia openly coordinated their mayhem online. A number of their posts appear in the complaint against them and will likely be entered into evidence at trial.

Social Media Investigation Findings as Evidence

Wall posts, status updates, photos, check-ins and tweets have all been used as evidence in workplace investigations. In the Zimmerman v. Weis Markets Inc. case, Zimmerman was an employee of a subcontractor of Weis Markets and was seeking damages for an injury that occurred at work. Zimmerman claimed that an accident seriously and permanently impaired his health.  Weis Markets reviewed the public portions of Zimmerman’s Facebook and MySpace pages, and felt that there might be some additional information to refute the damage claims in the private sections of his profile.

On the public portions of his profile, the company found photos of Zimmerman engaging in some of his favorite activities after the accident took place at work. They knew the photos were from after the accident because his scar from the accident was visible in the pictures.

The court decided that Zimmerman had to hand over his passwords and login information to the counsel for Weis Markets so that they could access the private sections of his Facebook and MySpace accounts. The opinion released by the court said:

Zimmerman voluntarily posted all of the pictures and information on his Facebook and MySpace sites to share with other users of these social network sites, and he cannot now claim he possesses any reasonable expectation of privacy to prevent Weis Markets from access to such information.

Below are a few key cases involving social media as evidence.

  • State v. Eleck
  • Rene v. State
  • Bland v. Roberts
  • Thompson v. Autoliv Asp, Inc.
  • Richards v. Hertz
  • State v. Tienda
  • Tompkins v. Detroit Metropolitan Airport


One of the biggest hurdles to social media becoming a staple in the courtroom has been provability. Most courts require metadata and MD5 hash values for evidentiary validation and to establish chain of custody, applying Rule 901(b)(4) of the U.S. Federal Rule of Evidence (see Lorraine v. Markel American Insurance Company or State v. Tienda).

Metadata –

Metadata can be a laundry list of items, including unified resource identifier, item type, parent item, thread id, recipients, created time, updated time, link, comments, and picture url, to name a few.

MD5 Hash Value –

MD5 hash value is a one-way cryptographic hash function that is used to verify data integrity. It is a 32 character hexadecimal string of numbers and letters that has a 1.7 undecillion (that’s 36 zeros) chance of being replicated . In layman terms, the chances of the MD5 hash being replicated are about the same as someone winning the powerball 32 times in a row.

Courts have rejected simple printouts of social media posts, citing inadequate authentication (see State of Connecticut v. Eleck). As an extension of provability through MD5 hash values and metadata, we can also provide expert testimony to validate evidence.


What Employers Need to Consider

You won’t always be granted permission to obtain login information and passwords from an employee under investigation. Be aware of the Patterson v. Turner Construction Company to remind employers that their requests must be “made in the right kind of case, at the right stage of the case, and have the right scope.”

Employers also have to be careful about how they access information posted on an employee’s social media profile. Attorneys and investigators cannot misrepresent who they are in order to get access to join their opposition’s private social media network. For example, you cannot create an account under an alias, “friend” the employee under investigation and then expect to use that information to support your case – the evidence won’t be admissible.

Principle: an investigator is almost always prohibited from using misrepresentation or dissemblance to obtain information, and it is evident that this injunction applies to social media investigations. In New York, as in most states, conduct involving dishonesty, fraud, deceit, or misrepresentation is prohibited under NY Rules of Professional Conduct, Rule 8.4 (c). Further, it is axiomatic that lawyers may not violate the rights of third parties when obtaining evidence. Most jurisdictions have adopted ABA Model Rule 8.4(a), stating that an investigator’s unethical acts may be imputed to the attorney. Even in states that have not explicitly adopted it, there is “substantial case law that supports the proposition that the duty of an attorney. . . not to deceive extends beyond the courtroom.”

Bar associations have also addressed the question of how investigators may contact people on social media. The New York City Bar Association says investigators may contact unrepresented parties without violating ethical rules provided that there are no overt misrepresentations. The San Diego County Bar Association takes a stricter view, requiring that even where contact or “friending” may be otherwise proper, an attorney should not make contact with an individual without disclosing that she is an attorney and the purpose of the contact. When investigating in different jurisdictions—and keeping in mind that most social media companies are headquartered in California—it is wise to adopt the more restrictive guidance.

Advice for Using Social Media During a Fraud Investigation

Of course, near-constant content creation has a major downside: because of the sheer amount of social media content out there, finding that crucial piece of evidence isn’t always easy. For this reason, social media investigation has become its own specialized field, and in order to use it effectively, you have to be systematic in your approach.

With that in mind, here are five tactics to use when collecting social media content as evidence during a fraud investigation:

  • Consider all the platforms: When it comes to looking for online evidence, Facebook and Instagram tend to be the most useful platforms, but there are many others worth considering. In fact, there are around 200 widely-used social media sites at the moment, so if you’re limiting your investigation to the top two, or three, you could be missing out on crucial evidence. Just consider the December 2019 case, during which a claim of serious physical injury was proved false with posts of a 10-mile run and a 20-mile bike ride on the fitness-oriented social media platform Strava.
  • Use tools to find online profiles: A simple Google search remains a good way of finding a particular individual’s online profiles, but other excellent tools also exist. Search tools like Pipl, Peoplefinders, PeekYou, and Classmates can all be used to identify social media profiles. If you have an image and would like to see where it appears online, TinEye is another great tool.
  • Always obtain evidence ethically and legally: It’s important to stay on the right side of the law. While law enforcement might sometimes be able to create fake social media profiles to investigate suspects, law firms and fraud investigators don’t have that same freedom. And even API tools that were once very useful for collecting social media evidence are now creating severe preservation challenges thanks to privacy concerns. So, when collecting social media evidence, focus only on content that you can view and capture legally—and use a browser-based evidence tool to collect it.          
  • Consider someone’s social connections: While an individual being investigated might be clever enough to utilize strict social media privacy settings and refrain from posting incriminating content, they probably won’t be able to keep all their activities hidden. As mentioned earlier, a bystander might upload an incriminating video to YouTube. Similarly, someone’s friends, family, roommates, team mates, or colleagues might also post useful images and information. Because of this, it’s worth exploring the accounts of people in an individual’s social circle, as well as any pages belonging to an employer, association, sports team, etc.
  • Make sure evidence is defensible: Collecting incriminating evidence is only half the battle—legal teams also need to be able to convince other parties of the information’s authenticity. While taking a simple screenshot might seem like a quick and easy way of collecting evidence, it’s all too easy for the person under investigation (or their legal

Five Tips for Effective Social Media Investigation

  1.  Google And Bing Are Your Friends

Never underestimate the power of your favorite search engine. Many people don’t realize how much information is available about almost everyone via the internet. Simply searching your subjects name might uncover surprising results.

Another easy search engine technique is reverse image search. Sometimes an image search reveals social media accounts, online dating profiles, employers, personal blogs, and a wealth of other resources. Use critical thinking when evaluating the results as some phishers, scammers, and catfishers steal people’s pictures to use to build false profiles.

  1. Look Your Subject Up On Social Media

Social media offers hints to a subject’s location, lifestyle, and interests. According to Pew Research, 48% of social media users report finding each channels privacy settings difficult or confusing. As a result, many leave some or all of their information public. A public social media profile is one of the first visits for any investigator.

Even when the subject uses privacy settings, there may still be publicly posted information on major channels like Facebook and Instagram. Facebook’s graph search may uncover unexpected gems as many people allow the public to see photographs they are tagged in. Insurance investigators, divorce attorneys, potential employers, and debt collectors have all uncovered valuable information and evidence of a subject’s lifestyle and character simply through casual, candid photographs posted on Facebook, Snapchat, or Instagram.

Savvy investigators also look at less personal social media accounts such as Pinterest. Even though users are less likely to post telling, personal details, these channels can indicate location and interests.

Check Out: External Theft – Shoplifting
  1. Look at Your Subject’s Friends’ Accounts

Many people allow friends of their friends to see even private details. Also, sometimes friends with public profiles may comment on photographs, location check-ins, or status updates from friends with private accounts.

A recent study uncovered that nearly 50% of all social media users accept friend requests from strangers. Be aware that many social networks forbid false profiles.

  1. Take Screenshots To Preserve The Evidence

Since social media posts are ephemeral, your subject may remove embarrassing or incriminating content. Savvy investigators keep a record of these posts including a screenshot. Be sure to track important details about the posts you uncover and find a way to preserve and archive any valuable information.

  1. Try Social Listening Tools

Social listening tools help businesses with marketing and customer service purposes. Some of these same social listening tools have investigative applications. It would be prohibitively time-consuming to constantly search Google, Bing, and each social network for new updates on your subject. However, you can automate some of this using social listening tools.



As investigators, we spend a great deal of time on these platforms reviewing information posted by and about the subjects of our investigations. Modern social media platforms can be a tremendously useful resource. The reason for this is simple: a lot of us are active on social media these days—and we tend to share more than less. At the end of Q1 2020, Facebook reported 1.73 billion daily active users and 2.6 billion monthly active users, with around half of all social media site visits in the United States going to Facebook. Add Instagram’s 500-million daily active users—not to mention the 500 hours of video uploaded to YouTube every minute!—and you’re left with a lot of potential digital evidence.

Overview of the PEACE Method: investigative Interviews

The PEACE Method of investigative interviews is best suited for detailed employee investigations, and you need a strict understanding of the processes involved, so you can execute it properly. I am writing to provide you with a detailed overview of the PEACE Method, so you can decide if you are interested in trying it for your company. If you want to learn more, contact me and we can set up a consultation.


  1. The role of investigative interviewing

eye metricsThe gathering of information from a well-prepared victim or witness interview will contribute significantly to any investigation. An effective interview of a suspect will commit them to an account of events that may include an admission or may provide information leading to further witnesses of benefit to an investigation. Conversely, failure to professionally undertake interviews can have adverse consequences in terms of failure to adhere to legislation, loss of critical material, lack of credibility and loss of confidence. For this reason our Investigators adopt the PEACE framework detailed below.

  1. Principles of investigative interviewing
  2. The aim of investigative interviewing is to obtain accurate and reliable accounts from
    victims, witnesses or suspects about matters under investigation.
    ii. Investigators must act fairly when questioning victims, witnesses or suspects.
    Vulnerable people must be treated with particular consideration at all times.
    iii. Investigative interviewing should be approached with an investigative mindset.
    Accounts obtained from the person who is being interviewed should always be tested
    against what the interviewer already knows or what can reasonably be established.
    iv. When conducting an interview, investigators are free to ask a wide range of questions
    in order to obtain material which may assist an investigation.
    v. Investigators should recognize the positive impact of fairly and considerably conducted interview
    vi. Investigators are not bound to accept the first answer given. Questioning is not unfair
    merely because it is persistent.
  3. The PEACE Interview Framework

There are five phases to the PEACE framework:

Planning and Preparation
This includes what to consider when planning for an interview
Engage and Explain
This describes how to cope with the special features of getting an interview started and establishing the ground rules
This deals with the central issue of obtaining the interviewee’s account, clarifying this and, where necessary, challenging it
This describes the considerations before closing an interview
This consists of asking questions about what was achieved during the interview and how it fits into the whole investigation. Evaluation also includes the development of an interviewer’s skill level, through assessment (self, peer and manager) and feedback

P – Planning and Preparation

Planning involves the thought processes in getting ready to interview; and Preparation involves getting the location, the environment and the administration ready. The planning process involves gathering information so as to allow the interviewer to remain in control of the interview, to ensure that it goes in the right direction and that sufficient time is available . The maxim – “Proper preparation prevents poor performance” or other colloquial versions are very relevant. In addition, the interviewer should understand the purpose of the interview, the previous background circumstances, and have a profile of the interviewee. Not every interview is well planned but the more significant the issue, the more likely time nay be invested in preparation. Preparation may involve simply defining the purpose of the interview but it can also involve the set up of the interview space. An assessment of available prior knowledge might also be carried out in advance in order to understand what information is required. Understanding what is required may go some way towards understanding how it can be obtained. The mechanics of the interview space may involve seating, logistics and venue, however they will also involve making any exhibits, if relevant, available for examination during questioning, Good interviewers are investigative whereas poor investigators are merely interviewers. Unless preparation takes place an interviewer may overlook important evidence or miss inconsistencies in the interview information. Unnecessary breaks may then be taken in order to ratify forthcoming information

E – Engage and Explain

The opening phase of an interview can be crucial to the interviewer’s success. If the interviewer can engage the interviewee for a few minutes, this can then “warm up” the interviewee and assist that person to engage with the interviewer in a relaxed relationship which may then be continued throughout the interview. Engaging the interviewee is sometimes described as the Rapport stage of the interview. Courtesy, politeness, and understanding cost nothing to the interviewer but can make all the difference between his/her success and failure as an interviewer. Successful interviewers may take time to find out what motivates the interviewees. Once these drivers are understood then it may be possible to take steps to use them. In addition, the formalities of the interview may need explanation. The tape recording, and other procedures, once understood, can help the interviewee to empathize with the interviewer. If this happens then the interviewer will have much greater success. The format of the interview may then be explained – in order to demystify the process and to give the interviewee the impression that he is not going to be tricked. This sense of security may later be challenged by an interviewer who wishes to ask supplementary questions, or to clarify an earlier account

The interviewee may be asked to comment on matters which have not already been described in the interview or to repeat an earlier explanation in their own words. The interviewer is likely to use the interviewee’s words and repeat them back to him where he or she is checking for a correct interpretation Frequently interviewers will take a great deal of time and put themselves out in order to show consideration for the interviewee. Frequently the interviewee will be asked if he wants a drink or to use the toilet or how he or she wants to be addressed in the interview. Successful interviewers often ask whether there are any time restraints on the interviewee as these concerns may be used to increase the interviewee’s tension later on

The Interviewer will set the scene by saying that the interview is very important and that everything the interviewee says is important. As a result they should not leave anything out, even if they believe it is of no relevance. The interviewee may even be given the impression that they will have to work hard because they have all the information. This creates the impression that there is something that the interviewee needs to say to the interviewer.

At any stage of the interview, in order to ensure fairness, the interviewee may be encouraged to ask a question of the interviewer if there is something which they do not understand, if there is something they do not know or if they do not understand the interviewer

It is unlikely that an interviewee will be encouraged to ask a question for clarification where there is more than one possible meaning for a question, or ask the interviewer to explain something which was inappropriate or leading or to say that they do not feel that it is appropriate for them to answer a question, or refuse to speculate or give their opinion as to hypothetical circumstances

Once this engagement stage has passed, the witness will be asked to give his account. The interviewer may then ask questions to clarify the account or to interrupt where additional information is required

The interviewer may also use the engagement stage as training for later in the interview. The interviewer will be establishing their control and getting the interviewee ready for the next stage of the interview. The interviewee will be encouraged to answer simpler questions (with yes or no answers) and the interviewer will be assessing the interviewee’s language and communication

A – Account

At this stage an interviewer obtains the interviewee’s full account of events. The three main steps are:

  • obtaining the interviewee’s account of events
  • Expanding and clarifying that account
  • Challenging the interviewee’s account with information from other interviewees (if helpful)

Good questioning and listening skills are required to produce an accurate and reliable account. During the Account process an interviewee may change from being cooperative to un-cooperative so it is important for the interviewer to be fully alert during the interview. The interviewer should be able to detect changes in the interviewee’s language and behavior. For cooperative interviewees such as victims and witnesses, the interviewer may use additional techniques of free recall to begin with and perhaps move on to cognitive interviewing for more advanced interviews. For uncooperative interviewees the interviewer will normally rely on conversation management as a technique. Interviewers are recommended to ask all their relevant questions – even in the face of a ‘No comment’ response. This is so as not to leave any gaps that the interviewee (or their organization) might later seek to fill in as part of a defense. After allowing the interviewee to begin to give their account of the facts, the interviewee may use questioning techniques such as summarizing, empathizing, repeating questions, leading questions, accusing questions, varying the questions to ask about the same circumstances, varying the interviewee’s previous responses to suggest that they have already said something or encouraging different ways or repeated attempts to recall the same or related facts

The interviewer may need to clarify or challenge the interviewee’s account. This could be because the interviewer is unclear about something the interviewee has said, or because the information is inconsistent with other known information. This “Challenge Phase” of the Account may include challenges to inconsistencies in the Account or it may also include pre-planned challenges. Information may be held back in order to test what the person might say in the absence of certain key facts.


C – Closure

The Closure stage should ensure there is an understanding on the part of the interviewee as to what has happened during the interview and ensure that the interviewee is certain that the information they have given is accurate in all material respects or that any grey areas have been sufficiently highlighted. The interviewer should confirm that all aspects of the Account have been covered, allowing the interviewee to give any additional information which they think may be relevant and are willing to provide and allow them to be able to give further information in future. It is important to explain what will happen in the next phase of the interview process

A positive close to the interview may mean an interviewee is able to give any new and relevant information in the future, either through recall or as new information comes to light. The closure may also assist in facilitating future interviews with other interviewees.

E – Evaluation

This stage concludes the PEACE interview but not necessarily the interviewing process. The interviewer will, in this section of the interview, often suggest a short break for them to re-review their notes to see if the aims and objectives for the interview have been achieved. In addition, the interviewer will also review the investigation in the light of information obtained during the interview and may reflect upon how well he or she conducted the interview


When conducting an investigative interview, you also need to be aware of the non-verbal indicators.

Understanding the PEACE Method is an important part of an investigative interview, but know the Factors to consider in an investigative interview is equally important in being successful when using the PEACE Method.


I have gone ahead and made a simple flyer for you, so you can share the PEACE method on your blog, to help your readers.

Simple Solutions to Reduce Workplace Accidents

workplace accidentsIn the office, equipment cables and wires can become a trip-and-fall hazard – and an expensive workers’ compensation case. Poised and ready to trip all who pass, office cables and wires are far more than an unsightly nuisance. Slips, trips and falls constitute the majority of general industry accidents. In the United States, they cause 15 percent of all work-related deaths and are second only to motor vehicles as a cause of fatalities, according OSHA.
In a home office environment, small children and common household animals like cats, dogs, rabbits and ferrets often see equipment wires as play things – all too often as chew toys. Clearly such a circumstance puts the child or pet at great risk, with electric shock and strangulation at the top of the list.

  • Cable Control on the Cheap: For just a few dollars, computer cables can be easily shielded with a split wire loom, a flexible and durable polyethylene corrugated tube with a split down the side where you enter your multi-cable bundle. If you have to add another wire later on, you can easily slip it into the split wire loom along with the others without removing the entire bundle.
  • Achieve Lift-Off: Cables, power adapters, power strips, hubs, modems and other small devices can be readily lifted off the floor and put safely out of harm’s way with cable management products that loop, tie and hang “cable clutter” off the floor to reduce work space risks including snags, trips and liquid spills.
Check Out: Ignoring Workplace Safety
  • Wire Fire Can Be Dire: With a glut of equipment, wiring and electrical outlets conducting heat, often over long periods of time and in compact spaces, fire safety is an important workspace consideration. In addition to the standard fire extinguisher, other fire safety measures also should be employed. Flame spread is one vital safety consideration that easily can be addressed. Flame-retardant wire sleeving that does not support combustion can significantly reduce office fire hazards. You also can establish an effective insulating barrier to prevent the spread of fire and smoke through structural gaps and voids with fire-rated expanding polyurethane foams – a cost-effective way to establish an insulating seal on concrete, brick, wood, metal, aluminum and steel.
  • An Important Mat-ter: Use traction floor mats in high-traffic and extended-use areas, particularly those prone to moisture or spills. Be sure to use a floor mat with beveled edges to eliminate trip risk. Mats with sponge bases will enhance ergonomic safety for employees who must stand for longer periods of time.
  • Surface Raceways: Home office wires that run across the floor to a distant outlet are among the most dangerous office situations, with a high risk of injuries or damaged equipment. Fortunately, surface raceways are a readily available and easy way to organize and protect electrical cords that run along the floor or on the wall. These “cable channels” are made of tough PVC and can be painted to match office décor.
Check Out: Mistakes in Managing Safety
  • Cord Protectors: These wire cover systems are another great way to keep from tripping on loose cables and cords running across a walkway or behind your desk. Cord protectors cover, hide and protect cords and cables while keeping floors clear and safe. They also lie flat, and stay flat, and are easy to install.
    Heavy Metal: Whether you want greater protection for your wires from children, animals, rodents or pests, or have a need to protect outdoor fiber optics, RG-6 coaxial cable or Category 5E cables from wildlife or the elements, metal braided sleeving, made from tin-coated copper, is both flexible and strong, and also offers electromagnetic interference (EMI) protection.
  • Take the Edge Off: Wrap anything with a sharp edge such as broken/cracked glass, brittle plastic casings or other materials that may break and produce a sharp or rough edge in corrugated cardboard and secure with a heavy-duty duct tape to protect yourself and others from accidental lacerations. This is especially important before placing such items in a trash container.